microtunnel-client
Advanced tools
microtunnel-client is an axios based library to enable post-quantum protected communication between apps (it must be used with microtunnel-server). You can send any JSON-serializable data. It also uses supersphincs for app authentication, kyber-crystals for asymmetric encryption and symcryptor for symmetric encryption.
npm i microtunnel-client
First, you have to create app credentials and save them in a json file. Enter in module path typing cd path-to-your-project/node-modules/microtunnel-client and then run npm run -s cred-generate > ../../appCred.json to save the credentials in your project root.
// appCred.json
{
// Supersphincs keys base-64 encoded
"publicKey": "rPyoqSZrNNUVpjKdhGLDD4sjXd8lgIgnRBY2NP5n8PDDLSvoLoD5n4GjaxbAfSDjagBjN8zztUQTNG1EKO9IgpgTLkfkTkhWqdgkC/K3EQLh6AMCZ8snlnles2QrbHAy",
"privateKey": "FKQ243eKoZ1zAdfXfGkzjcONsFwXbb2YliwoFSMFjNSs/KipJms01RWmMp2EYsMPiyNd3yWAiCdEFjY0/mfw8MkQY9Orp5MsbUAf54jM1iUhvEhaUJceqTG92ibMdu914IaJsN5+3hKHhAZ1o+dtspIY09zuZKNe48hEjlLwjg3DLSvoLoD5n4GjaxbAfSDjagBjN8zztUQTNG1EKO9IgpgTLkfkTkhWqdgkC/K3EQLh6AMCZ8snlnles2QrbHAy",
// Random bytes base-64 encoded for ID
"agent": "vwoA1JzkT6d7SXjIBoZ2egYlSn6Ajzge"
}
Then you have to create a JSON file containing servers info. In this example we have two apps named backEnd and sessions:
// authServers.json
{
"backEnd": {
"url": "http://127.0.0.1:3000",
"publicKey": "X67kzs9zrKfbayvF5SIsulZzfUYHeTm6BoFTD/BWiryIcOWcaR8d6M4LpaOylCi4DqY59ABNt1nNnfFZjG4akE4hcKaMyx5ar9Uds2Op687uecLGWb0n6W+voSDKzMS8",
"agent": "285gWsTqj3Gza+3AxJn1qrWzAvf/Lf5i"
},
"sessions": {
"url": "http://192.168.0.3:3000",
"publicKey": "rPyoqSZrNNUVpjKdhGLDD4sjXd8lgIgnRBY2NP5n8PDDLSvoLoD5n4GjaxbAfSDjagBjN8zztUQTNG1EKO9IgpgTLkfkTkhWqdgkC/K3EQLh6AMCZ8snlnles2QrbHAy",
"agent": "vwoA1JzkT6d7SXjIBoZ2egYlSn6Ajzge"
}
}
Then you can use it in your code:
const authReq = require( 'microtunnel-client' )( { appCredFile: 'appCred.json', authServersFile: 'authServers.json' } );
( async () => {
try {
let resp = await authReq.get( 'backEnd', '/page/2' );
console.log( resp );
resp = await authReq.post( 'sessions', '/another-route', { data: 'mydata' } );
console.log( resp );
} catch ( err ) {
console.log( err );
}
} )();
require( 'microtunnel-client' )( options )optionsapi Optional - Root path for microtunnel (note: must be the same for servers) - Default '/microtunnel'timeout Optional - Axios timeout for each requestappCredFile Optional - Relative path of the credentials file - Default: enviroment var APP_CREDauthServersFile Optional - Relative path of the autherized clients file - Default: enviroment var AUTH_SRVSauthReq.getauthReq.get( serverName: String, serverPath: String )
serverName Required - The name of the server as written in authServers.jsonserverPath Required - The path of the server you want to fetchDecrypted JSON parsed data from server when Promise resolved else throw an Error
authReq.postauthReq.post( serverName: String, serverPath: String, obj )
serverName Required - The name of the server as written in authServers.jsonserverPath Required - The path of the server you want to fetchobj Required - The data you want to send. It must be JSON serializableDecrypted JSON parsed data from server when Promise resolved else throw an Error
FAQs
NodeJS library for post-quantum communication between apps
The npm package microtunnel-client receives a total of 10 weekly downloads. As such, microtunnel-client popularity was classified as not popular.
We found that microtunnel-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.